Checks access to an operation on a given entity or entity translation.
\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.
string $operation: The operation access should be checked for. Usually one of "view", "create", "update" or "delete".
string $langcode: (optional) The language code for which to check access. Defaults to Language::LANGCODE_DEFAULT.
\Drupal\Core\Session\AccountInterface $account: (optional) The user session for which to check access, or NULL to check access for the current user. Defaults to NULL.
bool TRUE if access was granted, FALSE otherwise.
Overrides EntityAccessControllerInterface::access
public function access(EntityInterface $entity, $operation, $langcode = Language::LANGUAGE_DEFAULT, AccountInterface $account = NULL) {
if (!$account) {
$account = $GLOBALS['user'];
}
if (($access = $this
->getCache($entity, $operation, $langcode, $account)) !== NULL) {
// Cache hit, no work necessary.
return $access;
}
// Invoke hook_entity_access(), hook results take precedence over overridden
// implementations of EntityAccessController::checkAccess(). Entities
// that have checks that need to be done before the hook is invoked should
// do so by overridding this method.
// We grant access to the entity if both of these conditions are met:
// - No modules say to deny access.
// - At least one module says to grant access.
$access = module_invoke_all($entity
->entityType() . '_access', $entity
->getBCEntity(), $operation, $account, $langcode);
if (in_array(FALSE, $access, TRUE)) {
$return = FALSE;
}
elseif (in_array(TRUE, $access, TRUE)) {
$return = TRUE;
}
else {
// No result from hook, so entity checks are done.
$return = (bool) $this
->checkAccess($entity, $operation, $langcode, $account);
}
return $this
->setCache($return, $entity, $operation, $langcode, $account);
}